Information of all kinds continues to be stored and accessed remotely, such as on storage devices that are accessible over data communication networks. For example, many people and companies store and access financial information, health and medical information, goods and services information, purchasing information, entertainment information, multi-media information over the Internet or other communication network. In addition to accessing information, users can effect monetary transfers (e.g., purchases, transfers, sales or the like). In a typical scenario, a user registers for access to information, and thereafter submits a user name and password to “log in” and access the information. Securing access to (and from) such information and data that is stored on a data/communication network remains a paramount concern.
Convenience drives consumers toward biometrics-based access management solutions. It is believed that a majority of users of smartphones would prefer to use fingerprints instead of a password, with many preferring eye recognition in place of fingerprint recognition. Biometrics are increasingly becoming a preferred and convenient method for identity detection and verification, and for authentication.
Transport-level encryption technology provides relatively strong protection of transmission of various types of data, including biometric data, and supports confidentiality, assurance, and non-repudiation requirements. Standards, such as IEEE 2410-2016, provide for protection from an adversary listening in on communication, and provide detailed mechanisms to authenticate based on a pre-enrolled device and a previous identity, including by storing a biometric in encrypted form. This is considered to be a one-to-one case and includes steps for sending and receiving encrypted biometric data, as compared to an existing encrypted biometric sample. Accordingly, such one-to-one case is considered to be an authentication use case, as a given biometric vector and an identity can be used as input and authentication can occur when the biometric vector matches an existing biometric vector corresponding to respective identity.